From 679808bfd4285da7195a37a5488d840243ace170 Mon Sep 17 00:00:00 2001
From: wangfuqiang49 <wangfuqiang49@jd.com>
Date: Wed, 24 Sep 2025 16:37:06 +0800
Subject: [PATCH] fix udevadm trigger coredump after execute mount /

---
 ...-fix-path_is_root_at-when-dealing-wi.patch | 70 +++++++++++++++++++
 systemd.spec                                  |  5 +-
 2 files changed, 74 insertions(+), 1 deletion(-)
 create mode 100644 backport-fd-util-fix-path_is_root_at-when-dealing-wi.patch

diff --git a/backport-fd-util-fix-path_is_root_at-when-dealing-wi.patch b/backport-fd-util-fix-path_is_root_at-when-dealing-wi.patch
new file mode 100644
index 0000000..a66898d
--- /dev/null
+++ b/backport-fd-util-fix-path_is_root_at-when-dealing-wi.patch
@@ -0,0 +1,70 @@
+From e858b2ed7cdd368ea76a604e658d62d74c83062d Mon Sep 17 00:00:00 2001
+From: wangfuqiang49 <wangfuqiang49@jd.com>
+Date: Mon, 22 Sep 2025 17:46:21 +0800
+Subject: [PATCH] backport fd-util: fix path_is_root_at() when dealing with
+ detached mounts
+
+The upstream involves many dependent patches and significant changes; this
+patch references its key parts.
+
+upstream patch:
+    commit e1f3d790f35234a380ddfb909ae5fa95a2538c1a
+    Author: Lennart Poettering <lennart@poettering.net>
+    Date:   Mon Aug 18 23:15:29 2025 +0200
+
+        fd-util: fix path_is_root_at() when dealing with detached mounts
+
+        path_is_root_at() is supposed to detect if the inode referenced by the
+        specified fd is the "root inode". For that it checks if the inode and
+        its parent are the same inode and the same mount. Traditionally this
+        check was correct. But these days we actually have detached mounts (i.e.
+        those returned by fsmount() and related calls), whose root inode also
+        behaves like that.
+
+        Our uses for path_is_root_at() use the function to detect if an absolute
+        path would be identical to a relative path based on the specified fd
+        (specifically: chaseat()), which goes really wrong if used on a detached
+        mount.
+
+        hence, let's adjust the function a bit, and let's go by path to "/" to
+        check if the referenced inode is the actual root inode in our chroot.
+
+Signed-off-by: wangfuqiang49 <wangfuqiang49@jd.com>
+---
+ src/basic/fd-util.c | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/src/basic/fd-util.c b/src/basic/fd-util.c
+index fa3fc77..0d1a6d9 100644
+--- a/src/basic/fd-util.c
++++ b/src/basic/fd-util.c
+@@ -920,7 +920,7 @@ int path_is_root_at(int dir_fd, const char *path) {
+         if (r < 0)
+                 return r;
+ 
+-        r = statx_fallback(dir_fd, "..", 0, STATX_TYPE|STATX_INO|STATX_MNT_ID, &pst.sx);
++        r = statx_fallback(dir_fd, "/", 0, STATX_TYPE|STATX_INO|STATX_MNT_ID, &pst.sx);
+         if (r < 0)
+                 return r;
+ 
+@@ -928,12 +928,12 @@ int path_is_root_at(int dir_fd, const char *path) {
+         if (!statx_inode_same(&st.sx, &pst.sx))
+                 return false;
+ 
+-        /* Even if the parent directory has the same inode, the fd may not point to the root directory "/",
+-         * and we also need to check that the mount ids are the same. Otherwise, a construct like the
+-         * following could be used to trick us:
++        /* Even if the root directory has the same inode as our fd, the fd may not point to the root
++         * directory "/", and we also need to check that the mount ids are the same. Otherwise, a construct
++         * like the following could be used to trick us:
+          *
+-         * $ mkdir /tmp/x /tmp/x/y
+-         * $ mount --bind /tmp/x /tmp/x/y
++         * $ mkdir /tmp/x
++         * $ mount --bind / /tmp/x
+          *
+          * Note, statx() does not provide the mount ID and path_get_mnt_id_at() does not work when an old
+          * kernel is used. In that case, let's assume that we do not have such spurious mount points in an
+-- 
+2.47.0
+
diff --git a/systemd.spec b/systemd.spec
index 91b1b4b..a5c7702 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -27,7 +27,7 @@
 Name:           systemd
 Url:            https://systemd.io/
 Version:        255
-Release:        54
+Release:        55
 License:        LGPL-2.1-or-later AND MIT AND GPL-2.0-or-later
 Summary:        System and Service Manager
 
@@ -941,6 +941,7 @@ Patch6879:      backport-core-transaction-do-not-override-unit-load-state-whe.pa
 Patch6880:      backport-core-introduce-Unit.dependency_generation-counter-an.patch
 Patch6881:      backport-test-add-test-case-for-issue-36031.patch
 Patch6882:      backport-core-escape-UTF-8-in-mount-unit-Where-field-before-s.patch
+Patch6883:      backport-fd-util-fix-path_is_root_at-when-dealing-wi.patch
 
 Patch9008:      update-rtc-with-system-clock-when-shutdown.patch
 Patch9009:      udev-add-actions-while-rename-netif-failed.patch
@@ -2543,6 +2544,8 @@ fi
 %{_unitdir}/veritysetup.target
 
 %changelog
+* Wed Sep 24 2025 wangfuqiang <wangfuqiang49@jd.com> - 255-55
+- fix udevadm trigger coredump after execute mount /
 * Tue Sep 09 2025 Linux_zhang <zhangruifang@h-partners.com> - 255-54
 - sync patches from upstream
 
-- 
Gitee